Chromium Code Reviews Chromium Code Reviews
Issue 2655023004:
Feature policy: Add basic algorithm for supporting frame policies. (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/common/feature_policy/feature_policy.h" | 5 #include "content/common/feature_policy/feature_policy.h" |
| 6 | 6 |
| 7 #include "base/macros.h" | 7 #include "base/macros.h" |
| 8 #include "base/memory/ptr_util.h" | 8 #include "base/memory/ptr_util.h" |
| 9 #include "base/stl_util.h" | 9 #include "base/stl_util.h" |
| 10 | 10 |
| (...skipping 91 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 102 for (const auto& targetOrigin : origins_) { | 102 for (const auto& targetOrigin : origins_) { |
| 103 if (targetOrigin.IsSameOriginWith(origin)) | 103 if (targetOrigin.IsSameOriginWith(origin)) |
| 104 return true; | 104 return true; |
| 105 } | 105 } |
| 106 return false; | 106 return false; |
| 107 } | 107 } |
| 108 | 108 |
| 109 // static | 109 // static |
| 110 std::unique_ptr<FeaturePolicy> FeaturePolicy::CreateFromParentPolicy( | 110 std::unique_ptr<FeaturePolicy> FeaturePolicy::CreateFromParentPolicy( |
| 111 const FeaturePolicy* parent_policy, | 111 const FeaturePolicy* parent_policy, |
| 112 const ParsedFeaturePolicyHeader* frame_policy, | |
| 112 const url::Origin& origin) { | 113 const url::Origin& origin) { |
| 113 return CreateFromParentPolicy(parent_policy, origin, GetDefaultFeatureList()); | 114 return CreateFromParentPolicy(parent_policy, frame_policy, origin, |
| 115 GetDefaultFeatureList()); | |
| 114 } | 116 } |
| 115 | 117 |
| 116 bool FeaturePolicy::IsFeatureEnabledForOrigin( | 118 bool FeaturePolicy::IsFeatureEnabledForOrigin( |
| 117 blink::WebFeaturePolicyFeature feature, | 119 blink::WebFeaturePolicyFeature feature, |
| 118 const url::Origin& origin) const { | 120 const url::Origin& origin) const { |
| 119 DCHECK(base::ContainsKey(feature_list_, feature)); | 121 DCHECK(base::ContainsKey(feature_list_, feature)); |
| 120 const FeaturePolicy::Feature* feature_definition = feature_list_.at(feature); | 122 const FeaturePolicy::Feature* feature_definition = feature_list_.at(feature); |
| 121 DCHECK(base::ContainsKey(inherited_policies_, feature)); | 123 DCHECK(base::ContainsKey(inherited_policies_, feature)); |
| 122 if (!inherited_policies_.at(feature)) | 124 if (!inherited_policies_.at(feature)) |
| 123 return false; | 125 return false; |
| (...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 158 : origin_(origin), feature_list_(feature_list) {} | 160 : origin_(origin), feature_list_(feature_list) {} |
| 159 | 161 |
| 160 FeaturePolicy::FeaturePolicy(url::Origin origin) | 162 FeaturePolicy::FeaturePolicy(url::Origin origin) |
| 161 : origin_(origin), feature_list_(GetDefaultFeatureList()) {} | 163 : origin_(origin), feature_list_(GetDefaultFeatureList()) {} |
| 162 | 164 |
| 163 FeaturePolicy::~FeaturePolicy() {} | 165 FeaturePolicy::~FeaturePolicy() {} |
| 164 | 166 |
| 165 // static | 167 // static |
| 166 std::unique_ptr<FeaturePolicy> FeaturePolicy::CreateFromParentPolicy( | 168 std::unique_ptr<FeaturePolicy> FeaturePolicy::CreateFromParentPolicy( |
| 167 const FeaturePolicy* parent_policy, | 169 const FeaturePolicy* parent_policy, |
| 170 const ParsedFeaturePolicyHeader* frame_policy, | |
| 168 const url::Origin& origin, | 171 const url::Origin& origin, |
| 169 const FeaturePolicy::FeatureList& features) { | 172 const FeaturePolicy::FeatureList& features) { |
| 170 std::unique_ptr<FeaturePolicy> new_policy = | 173 std::unique_ptr<FeaturePolicy> new_policy = |
| 171 base::WrapUnique(new FeaturePolicy(origin, features)); | 174 base::WrapUnique(new FeaturePolicy(origin, features)); |
| 172 for (const auto& feature : features) { | 175 for (const auto& feature : features) { |
| 173 if (!parent_policy || | 176 if (!parent_policy || |
| 174 parent_policy->IsFeatureEnabledForOrigin(feature.first, origin)) { | 177 parent_policy->IsFeatureEnabledForOrigin(feature.first, origin)) { |
| 175 new_policy->inherited_policies_[feature.first] = true; | 178 new_policy->inherited_policies_[feature.first] = true; |
| 176 } else { | 179 } else { |
| 177 new_policy->inherited_policies_[feature.first] = false; | 180 new_policy->inherited_policies_[feature.first] = false; |
| 178 } | 181 } |
| 182 if (frame_policy) { | |
|
raymes
2017/02/20 02:20:17
nit: we should be consistent with brackets around
iclelland
2017/02/21 19:51:05
Done.
| |
| 183 new_policy->AddFramePolicy(parent_policy, frame_policy); | |
| 184 } | |
| 179 } | 185 } |
| 180 return new_policy; | 186 return new_policy; |
| 181 } | 187 } |
| 182 | 188 |
| 189 void FeaturePolicy::AddFramePolicy( | |
| 190 const FeaturePolicy* parent_policy, | |
| 191 const ParsedFeaturePolicyHeader* frame_policy) { | |
| 192 DCHECK(parent_policy); | |
| 193 DCHECK(frame_policy); | |
| 194 for (const ParsedFeaturePolicyDeclaration& parsed_declaration : | |
| 195 *frame_policy) { | |
| 196 blink::WebFeaturePolicyFeature feature = | |
| 197 FeatureForName(parsed_declaration.feature_name, feature_list_); | |
| 198 if (feature == blink::WebFeaturePolicyFeature::NotFound) | |
| 199 continue; | |
| 200 if (WhitelistFromDeclaration(parsed_declaration)->Contains(origin_) && | |
|
raymes
2017/02/20 02:20:17
nit: I know it will be specc'd but maybe a comment
iclelland
2017/02/21 19:51:05
Done. (And in blink-side implementation as well)
| |
| 201 parent_policy->IsFeatureEnabled(feature)) { | |
| 202 inherited_policies_[feature] = true; | |
| 203 } else { | |
| 204 inherited_policies_[feature] = false; | |
| 205 } | |
| 206 } | |
| 207 } | |
| 208 | |
| 183 // static | 209 // static |
| 184 const FeaturePolicy::FeatureList& FeaturePolicy::GetDefaultFeatureList() { | 210 const FeaturePolicy::FeatureList& FeaturePolicy::GetDefaultFeatureList() { |
| 185 CR_DEFINE_STATIC_LOCAL( | 211 CR_DEFINE_STATIC_LOCAL( |
| 186 FeatureList, default_feature_list, | 212 FeatureList, default_feature_list, |
| 187 ({{blink::WebFeaturePolicyFeature::DocumentCookie, &kDocumentCookie}, | 213 ({{blink::WebFeaturePolicyFeature::DocumentCookie, &kDocumentCookie}, |
| 188 {blink::WebFeaturePolicyFeature::DocumentDomain, &kDocumentDomain}, | 214 {blink::WebFeaturePolicyFeature::DocumentDomain, &kDocumentDomain}, |
| 189 {blink::WebFeaturePolicyFeature::DocumentWrite, &kDocumentWrite}, | 215 {blink::WebFeaturePolicyFeature::DocumentWrite, &kDocumentWrite}, |
| 190 {blink::WebFeaturePolicyFeature::Fullscreen, &kFullscreenFeature}, | 216 {blink::WebFeaturePolicyFeature::Fullscreen, &kFullscreenFeature}, |
| 191 {blink::WebFeaturePolicyFeature::Geolocation, &kGeolocationFeature}, | 217 {blink::WebFeaturePolicyFeature::Geolocation, &kGeolocationFeature}, |
| 192 {blink::WebFeaturePolicyFeature::MidiFeature, &kMidiFeature}, | 218 {blink::WebFeaturePolicyFeature::MidiFeature, &kMidiFeature}, |
| 193 {blink::WebFeaturePolicyFeature::Notifications, &kNotificationsFeature}, | 219 {blink::WebFeaturePolicyFeature::Notifications, &kNotificationsFeature}, |
| 194 {blink::WebFeaturePolicyFeature::Payment, &kPaymentFeature}, | 220 {blink::WebFeaturePolicyFeature::Payment, &kPaymentFeature}, |
| 195 {blink::WebFeaturePolicyFeature::Push, &kPushFeature}, | 221 {blink::WebFeaturePolicyFeature::Push, &kPushFeature}, |
| 196 {blink::WebFeaturePolicyFeature::SyncScript, &kSyncScript}, | 222 {blink::WebFeaturePolicyFeature::SyncScript, &kSyncScript}, |
| 197 {blink::WebFeaturePolicyFeature::SyncXHR, &kSyncXHR}, | 223 {blink::WebFeaturePolicyFeature::SyncXHR, &kSyncXHR}, |
| 198 {blink::WebFeaturePolicyFeature::Usermedia, &kUsermedia}, | 224 {blink::WebFeaturePolicyFeature::Usermedia, &kUsermedia}, |
| 199 {blink::WebFeaturePolicyFeature::Vibrate, &kVibrateFeature}, | 225 {blink::WebFeaturePolicyFeature::Vibrate, &kVibrateFeature}, |
| 200 {blink::WebFeaturePolicyFeature::WebRTC, &kWebRTC}})); | 226 {blink::WebFeaturePolicyFeature::WebRTC, &kWebRTC}})); |
| 201 return default_feature_list; | 227 return default_feature_list; |
| 202 } | 228 } |
| 203 | 229 |
| 204 } // namespace content | 230 } // namespace content |
| OLD | NEW |
